[DCAEGEN2] Add config supporting request CMPv2 certs
Add configuration supporting dealing with CMPv2 certs in K8s plugin.
Remove outputType from global values to allow it be specific for service.
Issue-ID: DCAEGEN2-2252
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: Iedb9c3f63a539a386b9abd5d257c54f5ce023662
diff --git a/kubernetes/common/cmpv2Config/Chart.yaml b/kubernetes/common/cmpv2Config/Chart.yaml
new file mode 100644
index 0000000..816fcc7
--- /dev/null
+++ b/kubernetes/common/cmpv2Config/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2020 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Template used to store cmpv2 configuration in onap
+name: cmpv2Config
+version: 6.0.0
diff --git a/kubernetes/common/cmpv2Config/requirements.yaml b/kubernetes/common/cmpv2Config/requirements.yaml
new file mode 100644
index 0000000..c9c16a9
--- /dev/null
+++ b/kubernetes/common/cmpv2Config/requirements.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2020 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: 'file://../common'
diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml
new file mode 100644
index 0000000..cf86657
--- /dev/null
+++ b/kubernetes/common/cmpv2Config/values.yaml
@@ -0,0 +1,29 @@
+# Copyright © 2020 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+global:
+ aaf:
+ certServiceClient:
+ image: onap/org.onap.aaf.certservice.aaf-certservice-client:1.2.0
+ envVariables:
+ # Certificate related
+ cmpv2Organization: "Linux-Foundation"
+ cmpv2OrganizationalUnit: "ONAP"
+ cmpv2Location: "San-Francisco"
+ cmpv2State: "California"
+ cmpv2Country: "US"
+ # Client configuration related
+ requestURL: "https://aaf-cert-service:8443/v1/certificate/"
+ requestTimeout: "30000"
+ keystorePassword: "secret"
+ truststorePassword: "secret"
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml
index baef8a0..e917e90 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml
@@ -2,6 +2,7 @@
#=================================================================================
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Modifications (c) 2020 Nokia. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -27,3 +28,6 @@
- name: mongo
version: ~6.x-0
repository: '@local'
+ - name: cmpv2Config
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json
index a0ec3b4..6de75c9 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json
@@ -2,6 +2,7 @@
#=================================================================================
# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Modifications (c) 2020 Nokia. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -37,5 +38,18 @@
"component_cert_dir": "/opt/dcae/cacert",
"component_ca_cert_path": "/opt/dcae/cacert/cacert.pem",
"ca_cert_configmap": "{{ include "common.fullname" . }}-dcae-cacert"
+ },
+ "external_cert":
+ {
+ "image_tag": "{{ .Values.global.tlsRepository }}/{{ .Values.cmpv2Config.global.aaf.certServiceClient.image }}",
+ "request_url": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.requestURL }}",
+ "timeout": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.requestTimeout }}",
+ "country": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2Country }}",
+ "organization": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2Organization }}",
+ "state": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2State }}",
+ "organizational_unit": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2OrganizationalUnit }}",
+ "location": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2Location }}",
+ "keystore_password": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.keystorePassword }}",
+ "truststore_password": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.truststorePassword }}"
}
}
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index b562beb..b96385c 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -127,8 +127,7 @@
# Client configuration related
caName: "RA"
requestURL: "https://aaf-cert-service:8443/v1/certificate/"
- outputType: "P12"
- requestTimeout: "20000"
+ requestTimeout: "30000"
keystorePath: "/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks"
keystorePassword: "secret"
truststorePath: "/etc/onap/aaf/certservice/certs/truststore.jks"